Security Engineer (Sentinel / SIEM)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Engineer (Sentinel / SIEM) in Brazil.

In this role, you will support a critical federal-facing program by strengthening security monitoring, detection, and incident response capabilities across complex environments. You will focus on managing and optimizing SIEM operations using Microsoft Sentinel, ensuring reliable log ingestion, normalization, and analytics across cloud and on-premise systems. The position plays a key role in enhancing threat visibility and improving the organization’s ability to detect and respond to security incidents in real time. You will work in a highly structured, compliance-driven environment where security standards and data integrity are essential. This is a hands-on engineering role combining SIEM expertise, cloud security knowledge, and analytical problem-solving. You will collaborate with stakeholders across security, infrastructure, and operations teams to ensure robust and audit-ready security monitoring capabilities.

Accountabilities

• Manage and optimize Microsoft Sentinel SIEM operations, including log ingestion, normalization, monitoring, and data pipeline health.
• Develop and maintain detection rules, correlation logic, dashboards, and analytics to enhance threat detection and visibility.
• Support incident response activities, threat hunting, and forensic investigations by providing relevant log data and analysis.
• Ensure integrity, confidentiality, and availability of security logs across multiple cloud and enterprise environments.
• Coordinate onboarding of new log sources from AWS, Azure, and other systems while ensuring proper configuration and monitoring.
• Maintain compliance with NIST frameworks and federal security requirements, including documentation and audit readiness.
• Monitor SIEM performance, identify gaps or failures in ingestion pipelines, and implement corrective actions.

Requirements

• 6+ years of experience in security engineering or SOC/SIEM-focused roles.
• Hands-on experience with Microsoft Sentinel and other SIEM platforms.
• Strong knowledge of log management, data ingestion, normalization, and security event correlation.
• Proficiency in KQL (Kusto Query Language) for building queries, analytics, and detections.
• Experience working with cloud security logs and environments such as AWS and Azure.
• Familiarity with NIST frameworks (800-53, 800-92, 800-61) and federal compliance standards.
• Active Public Trust clearance (required).
• Relevant certifications such as CISSP, GCIH, GCIA, Microsoft Security certifications, or equivalent (preferred).
• Strong analytical thinking, attention to detail, and ability to support incident response in high-pressure environments.

Benefits

• Fully remote work arrangement within Canada.
• Opportunity to support high-impact federal security programs.
• Competitive compensation aligned with experience and clearance level.
• Exposure to advanced SIEM, cloud security, and threat detection technologies.
• Professional development opportunities, including certifications and continuous learning support.
• Work in a structured, compliance-driven cybersecurity environment.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1